[SCM] Samba Shared Repository - branch master updated

Günther Deschner gd at samba.org
Wed Dec 12 03:29:04 MST 2012


The branch, master has been updated
       via  014512f dfs_server: Don't allocate a subcontext twice.
       via  ac434c4 util: Don't use the pid ret value uninitialized.
       via  f1fe877 s3-netapi: Initialize group_handle of NetGroupSetUsers_r().
       via  7d20934 s4-netapi: Initialize group_handle of NetGroupGetUsers_r().
       via  5bc5761 s3-auth: Make sure we work on valid data_blobs.
       via  d020c51 s3-netapi: Initialize group_handle of NetUserSetGroups_r.
       via  dc9fa1a torture: Fix torture_rpc_spoolss_printer_teardown_common().
       via  33d1d52 s3-netapi: Fix zeroing policy handles in NetLocalGroupAdd_r().
       via  4c0b489 vfs: Make sure we don't call talloc_free on an uninitialized pointer.
       via  e039676 s3-printing: Don't call talloc_free on an uninitialized pointer.
       via  c83f933 idl: Fix spoolss check for the size of the struct.
       via  e4e3293 s3-net: Check the return value of strlower_m().
       via  f70c56b s3-net: Check return value of string_to_sid().
       via  785cc6f s3-rpcclient: Check return value of add_string_to_array().
       via  ff32391 s3-registry: Check return code of push_reg_sz().
      from  0f75d92 s3:auth: Tidy up some of the API confusion in create_token_from_XXX() calls.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 014512f56478152972c7cae75e872a48ea18c91d
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Dec 6 14:37:21 2012 +0100

    dfs_server: Don't allocate a subcontext twice.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>
    
    Autobuild-User(master): Günther Deschner <gd at samba.org>
    Autobuild-Date(master): Wed Dec 12 11:28:39 CET 2012 on sn-devel-104

commit ac434c4223ba7a7cbbd97a59e305445a22a32c76
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Dec 6 16:02:57 2012 +0100

    util: Don't use the pid ret value uninitialized.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit f1fe877d07d6b1d04e9bbbec558bad90a855ae95
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Dec 6 17:04:47 2012 +0100

    s3-netapi: Initialize group_handle of NetGroupSetUsers_r().
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit 7d20934693174deac1f94a250ee9a2d39a7a8c8c
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Dec 6 18:06:59 2012 +0100

    s4-netapi: Initialize group_handle of NetGroupGetUsers_r().
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit 5bc5761c06decc6b1fadff5f246c820e1db3fed3
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Dec 6 18:13:23 2012 +0100

    s3-auth: Make sure we work on valid data_blobs.
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit d020c51978727185803edc5575adaf485b6e894e
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Dec 6 18:15:12 2012 +0100

    s3-netapi: Initialize group_handle of NetUserSetGroups_r.
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit dc9fa1a026e9cd543a53b9ca72b0c52e1740c2e4
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 13:22:52 2012 +0100

    torture: Fix torture_rpc_spoolss_printer_teardown_common().
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit 33d1d525080297686f60b46661b0b4021d31199b
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 13:24:46 2012 +0100

    s3-netapi: Fix zeroing policy handles in NetLocalGroupAdd_r().
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit 4c0b4894d58094f95d8f053651104521e46da4ec
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 13:35:27 2012 +0100

    vfs: Make sure we don't call talloc_free on an uninitialized pointer.
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit e039676fe2c2fe5c7ef53e1e58487dd048e37013
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 13:42:37 2012 +0100

    s3-printing: Don't call talloc_free on an uninitialized pointer.
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit c83f9330a40fc53ec4cbfdfcafa2a95eae4cf7fa
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 15:48:28 2012 +0100

    idl: Fix spoolss check for the size of the struct.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit e4e3293b482d48bc6a503e1280fe2a20556548ef
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 17:36:39 2012 +0100

    s3-net: Check the return value of strlower_m().
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit f70c56b74769711e358860655bbb5c2329ad005b
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 17:39:03 2012 +0100

    s3-net: Check return value of string_to_sid().
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit 785cc6f3f3b5fe0deae4352dbbb2cfe76257f47d
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 17:41:46 2012 +0100

    s3-rpcclient: Check return value of add_string_to_array().
    
    Found by Coverity.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

commit ff32391808322029a8d6caa9fdf1a4d253d9b1ff
Author: Andreas Schneider <asn at samba.org>
Date:   Mon Dec 10 17:47:15 2012 +0100

    s3-registry: Check return code of push_reg_sz().
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 dfs_server/dfs_server_ad.c          |    2 +-
 lib/util/pidfile.c                  |    2 +-
 librpc/idl/spoolss.idl              |    8 ++++----
 source3/auth/auth_util.c            |    4 ++--
 source3/lib/netapi/group.c          |    2 ++
 source3/lib/netapi/localgroup.c     |   10 +++++-----
 source3/lib/netapi/user.c           |    1 +
 source3/modules/vfs_media_harmony.c |    2 +-
 source3/printing/nt_printing.c      |    2 +-
 source3/registry/reg_perfcount.c    |   13 +++++++++++--
 source3/rpcclient/cmd_spoolss.c     |    6 +++++-
 source3/utils/net_rpc.c             |   12 ++++++++++--
 source4/torture/rpc/spoolss.c       |    4 +---
 13 files changed, 45 insertions(+), 23 deletions(-)


Changeset truncated at 500 lines:

diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c
index ceabe05..4d3891a 100644
--- a/dfs_server/dfs_server_ad.c
+++ b/dfs_server/dfs_server_ad.c
@@ -278,7 +278,7 @@ static NTSTATUS get_dcs(TALLOC_CTX *ctx, struct ldb_context *ldb,
 	int ret;
 	uint32_t current_pos = 0;
 	NTSTATUS status;
-	TALLOC_CTX *subctx = talloc_new(ctx);
+	TALLOC_CTX *subctx;
 
 	*pset_list = set_list = NULL;
 
diff --git a/lib/util/pidfile.c b/lib/util/pidfile.c
index 8846371..1b382d1 100644
--- a/lib/util/pidfile.c
+++ b/lib/util/pidfile.c
@@ -36,7 +36,7 @@ pid_t pidfile_pid(const char *piddir, const char *name)
 {
 	int fd;
 	char pidstr[20];
-	pid_t ret;
+	pid_t ret = -1;
 	char *pidFile;
 
 	if (asprintf(&pidFile, "%s/%s.pid", piddir, name) < 0) {
diff --git a/librpc/idl/spoolss.idl b/librpc/idl/spoolss.idl
index d888a79..1a5f5e9 100644
--- a/librpc/idl/spoolss.idl
+++ b/librpc/idl/spoolss.idl
@@ -3013,11 +3013,11 @@ cpp_quote("#define spoolss_security_descriptor security_descriptor")
 		PROTOCOL_LPR_TYPE	= 2
 	} spoolss_PortProtocol;
 
-	typedef [public] struct {
+	typedef [public,gensize] struct {
 		[charset(UTF16)] uint16 portname[64];
 		[value(0x00000001)] uint32 version;
 		spoolss_PortProtocol protocol;
-		[value(sizeof(r))] uint32 size;
+		[value(ndr_size_spoolss_PortData1(r, ndr->flags))] uint32 size;
 		uint32 reserved;
 		[charset(UTF16)] uint16 hostaddress[49];
 		[charset(UTF16)] uint16 snmpcommunity[33];
@@ -3031,11 +3031,11 @@ cpp_quote("#define spoolss_security_descriptor security_descriptor")
 		uint32 snmp_dev_index;
 	} spoolss_PortData1;
 
-	typedef [public] struct {
+	typedef [public,gensize] struct {
 		[charset(UTF16)] uint16 portname[64];
 		[value(0x00000002)] uint32 version;
 		spoolss_PortProtocol protocol;
-		[value(sizeof(r))] uint32 size;
+		[value(ndr_size_spoolss_PortData2(r, ndr->flags))] uint32 size;
 		uint32 reserved;
 		[charset(UTF16)] uint16 hostaddress[128];
 		[charset(UTF16)] uint16 snmpcommunity[33];
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index b75a390..1367186 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -231,8 +231,8 @@ bool make_user_info_netlogon_interactive(struct auth_usersupplied_info **user_in
 	{
 		bool ret;
 		NTSTATUS nt_status;
-		DATA_BLOB local_lm_blob;
-		DATA_BLOB local_nt_blob;
+		DATA_BLOB local_lm_blob = data_blob_null;
+		DATA_BLOB local_nt_blob = data_blob_null;
 
 		if (lm_interactive_pwd) {
 			local_lm_blob = data_blob(local_lm_response,
diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c
index 710ec37..9813f7e 100644
--- a/source3/lib/netapi/group.c
+++ b/source3/lib/netapi/group.c
@@ -1459,6 +1459,7 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx,
 
 	ZERO_STRUCT(connect_handle);
 	ZERO_STRUCT(domain_handle);
+	ZERO_STRUCT(group_handle);
 
 	if (!r->out.buffer) {
 		return WERR_INVALID_PARAM;
@@ -1639,6 +1640,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx,
 
 	ZERO_STRUCT(connect_handle);
 	ZERO_STRUCT(domain_handle);
+	ZERO_STRUCT(group_handle);
 
 	if (!r->in.buffer) {
 		return WERR_INVALID_PARAM;
diff --git a/source3/lib/netapi/localgroup.c b/source3/lib/netapi/localgroup.c
index 816afc2..1a544ad 100644
--- a/source3/lib/netapi/localgroup.c
+++ b/source3/lib/netapi/localgroup.c
@@ -159,6 +159,11 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx,
 		return WERR_INVALID_PARAM;
 	}
 
+	ZERO_STRUCT(connect_handle);
+	ZERO_STRUCT(builtin_handle);
+	ZERO_STRUCT(domain_handle);
+	ZERO_STRUCT(alias_handle);
+
 	switch (r->in.level) {
 		case 0:
 			info0 = (struct LOCALGROUP_INFO_0 *)r->in.buffer;
@@ -173,11 +178,6 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx,
 			goto done;
 	}
 
-	ZERO_STRUCT(connect_handle);
-	ZERO_STRUCT(builtin_handle);
-	ZERO_STRUCT(domain_handle);
-	ZERO_STRUCT(alias_handle);
-
 	werr = libnetapi_open_pipe(ctx, r->in.server_name,
 				   &ndr_table_samr.syntax_id,
 				   &pipe_cli);
diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c
index 3003a39..dfcbb09 100644
--- a/source3/lib/netapi/user.c
+++ b/source3/lib/netapi/user.c
@@ -3150,6 +3150,7 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx,
 
 	ZERO_STRUCT(connect_handle);
 	ZERO_STRUCT(domain_handle);
+	ZERO_STRUCT(group_handle);
 
 	if (!r->in.buffer) {
 		return WERR_INVALID_PARAM;
diff --git a/source3/modules/vfs_media_harmony.c b/source3/modules/vfs_media_harmony.c
index 360fca6..bdbb750 100644
--- a/source3/modules/vfs_media_harmony.c
+++ b/source3/modules/vfs_media_harmony.c
@@ -808,7 +808,7 @@ static DIR *mh_fdopendir(vfs_handle_struct *handle,
 		const char *mask,
 		uint32 attr)
 {
-	struct mh_dirinfo_struct *dirInfo;
+	struct mh_dirinfo_struct *dirInfo = NULL;
 	DIR *dirstream;
 
 	DEBUG(MH_INFO_DEBUG, ("Entering with fsp->fsp_name->base_name '%s'\n",
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 5050a5d..252fbb8 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -1222,7 +1222,7 @@ bool printer_driver_in_use(TALLOC_CTX *mem_ctx,
 	DEBUG(10,("printer_driver_in_use: Completed search through ntprinters.tdb...\n"));
 
 	if ( in_use ) {
-		struct spoolss_DriverInfo8 *driver;
+		struct spoolss_DriverInfo8 *driver = NULL;
 		WERROR werr;
 
 		DEBUG(5,("printer_driver_in_use: driver \"%s\" is currently in use\n", r->driver_name));
diff --git a/source3/registry/reg_perfcount.c b/source3/registry/reg_perfcount.c
index 3203e09..e51d374 100644
--- a/source3/registry/reg_perfcount.c
+++ b/source3/registry/reg_perfcount.c
@@ -158,6 +158,7 @@ static uint32 _reg_perfcount_multi_sz_from_tdb(TDB_CONTEXT *tdb,
 	char *buf1 = *retbuf;
 	uint32 working_size = 0;
 	DATA_BLOB name_index, name;
+	bool ok;
 
 	memset(temp, 0, sizeof(temp));
 	snprintf(temp, sizeof(temp), "%d", keyval);
@@ -178,7 +179,11 @@ static uint32 _reg_perfcount_multi_sz_from_tdb(TDB_CONTEXT *tdb,
 		buffer_size = 0;
 		return buffer_size;
 	}
-	push_reg_sz(talloc_tos(), &name_index, (const char *)kbuf.dptr);
+	ok = push_reg_sz(talloc_tos(), &name_index, (const char *)kbuf.dptr);
+	if (!ok) {
+		buffer_size = 0;
+		return buffer_size;
+	}
 	memcpy(buf1+buffer_size, (char *)name_index.data, working_size);
 	buffer_size += working_size;
 	/* Now encode the actual name */
@@ -191,7 +196,11 @@ static uint32 _reg_perfcount_multi_sz_from_tdb(TDB_CONTEXT *tdb,
 	memset(temp, 0, sizeof(temp));
 	memcpy(temp, dbuf.dptr, dbuf.dsize);
 	SAFE_FREE(dbuf.dptr);
-	push_reg_sz(talloc_tos(), &name, temp);
+	ok = push_reg_sz(talloc_tos(), &name, temp);
+	if (!ok) {
+		buffer_size = 0;
+		return buffer_size;
+	}
 	memcpy(buf1+buffer_size, (char *)name.data, working_size);
 	buffer_size += working_size;
 
diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c
index c3ac211..5263184 100644
--- a/source3/rpcclient/cmd_spoolss.c
+++ b/source3/rpcclient/cmd_spoolss.c
@@ -1672,7 +1672,11 @@ static bool init_drv_info_3_members(TALLOC_CTX *mem_ctx, struct spoolss_AddDrive
 	}
 
 	while (str != NULL) {
-		add_string_to_array(deps, str, &file_array, &count);
+		bool ok;
+		ok = add_string_to_array(deps, str, &file_array, &count);
+		if (!ok) {
+			return false;
+		}
 		str = strtok_r(NULL, ",", &saveptr);
 	}
 
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 57d619e..c112a15 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -369,7 +369,9 @@ static NTSTATUS rpc_oldjoin_internals(struct net_context *c,
 	}
 
 	fstrcpy(trust_passwd, lp_netbios_name());
-	strlower_m(trust_passwd);
+	if (!strlower_m(trust_passwd)) {
+		return NT_STATUS_UNSUCCESSFUL;
+	}
 
 	/*
 	 * Machine names can be 15 characters, but the max length on
@@ -4682,6 +4684,7 @@ static bool get_user_sids(const char *domain, const char *user, struct security_
 	for (i = 0; i < num_groups; i++) {
 		gid_t gid = groups[i];
 		struct dom_sid sid;
+		bool ok;
 
 		wbc_status = wbcGidToSid(gid, &wsid);
 		if (!WBC_ERROR_IS_OK(wbc_status)) {
@@ -4695,7 +4698,12 @@ static bool get_user_sids(const char *domain, const char *user, struct security_
 
 		DEBUG(3, (" %s\n", sid_str));
 
-		string_to_sid(&sid, sid_str);
+		ok = string_to_sid(&sid, sid_str);
+		if (!ok) {
+			DEBUG(1, ("Failed to convert string to SID\n"));
+			wbcFreeMemory(groups);
+			return false;
+		}
 		add_sid_to_token(token, &sid);
 	}
 	wbcFreeMemory(groups);
diff --git a/source4/torture/rpc/spoolss.c b/source4/torture/rpc/spoolss.c
index 6e0d9ed..b1229ac 100644
--- a/source4/torture/rpc/spoolss.c
+++ b/source4/torture/rpc/spoolss.c
@@ -7646,11 +7646,9 @@ static bool torture_rpc_spoolss_printer_teardown_common(struct torture_context *
 			"failed to remove printer driver");
 	}
 
-	if (p) {
+	if (p && !t->wellknown) {
 		b = p->binding_handle;
-	}
 
-	if (!t->wellknown) {
 		torture_assert(tctx,
 			test_DeletePrinter(tctx, b, &t->handle),
 			"failed to delete printer");


-- 
Samba Shared Repository


More information about the samba-cvs mailing list